Tagged Questions

Following on from this question Does anyone have any details/resources on the technical specifics of how apple implement encryption on their iOS 4.x series devices?
The Apple marketing material here, ...

Background
My company is currently in the process of rolling out support for the iPhone. As a part of this rollout, they are requiring employees to install an application on their phones that allows ...

Here is an article that should give a little more context (and see my comment on it, same username, for additional info).
iOS developers are able to distribute apps outside of the App Store using an ...

As this question on voicemail protection got answers veering more to protecting the mobile phone, I thought I should add a specific question on this topic.
There is already a question on protecting ...

For those of you who are not familiar with the topic, a quick search will turn up a lot of hits, e.g. see the researcher's report at Got an iPhone or 3G iPad? Apple is recording your moves - O'Reilly ...

This question might be vague, that is because I am not sure where to start.
There are a lot of books and courses on pentest focusing on networks, systems, and OS such as windows, yet I haven't been ...

I need to clarify my question. I'm wondering if there are any apps for smartphone that can log each 'keystroke' (i.e. key pressed on touchscreen) that a user does. Performing a google search brings up ...

Recently, the new full-disk encryption system of Apple's iOS 8 operating system has been in the news. And soon after Apple's release, Google announced that they will also enable encryption by default ...

Some apps like Foursquare require the user to "check in" at physical places, in order to gain money benefits.
Given that emulated GPS are available for customized versions of Android, it sounds easy ...

Keychain entries of a 3rd party app are protected according their 'protection class'. For example, assigning the class 'kSecAttrAccessibleWhenUnlocked' to a keychain entry means that the entry is only ...

I'm working on an iOS app that will also have a web component. When a user creates an account, their password will be salted and hashed. I already have the hashing algorithm working on the web-side.
...

Most tablets, and iPads in particular, are typically single user devices.
Scenario: A service business that interacts directly with customers in person and wants to use iPads while interacting with ...

Consider the following scenario.
Eve creates an access point in a public place.
Alice connects to the AP via mobile phone and starts browsing the Web.
Eve redirects Alice to a registration page and ...

iOS version 5 and newer has a setting for VPNs to "Send All Traffic" over that VPN. I think that sending all data to a trusted VPN target would ensure privacy of all communication sent over that WiFi ...

The iOS data protection API and its implementation are fairly well documented, but it is only really useful if apps actually use some level other than NSFileProtectionNone for their files.
Is there ...

I'm currently developing a mobile app (iOS based initially) that consumes multiple APIs. Currently we're storing API keys as strings in the the prefix header file, and initializing most of the APIs ...

I need to proof that a user of my app is in possession of the correct SIM card.
On android devices, this is possible by simply sending a challenge within an SMS to the corresponding number (the proof ...

iOS, like most other mobile OSs, has the potential to leak significant chunks of personal information to 3rd-party apps and to ad and tracking networks used by those apps, which in turn also has the ...

A popular car insurance company in the US has an app that displays "digital car insurance" papers. In the commercials, these apps are opened, and the user gives the unlocked phone to police officers. ...

I noticed that some apps, e.g. Skype, is capable to exit and not run in case one has jailbroken his iOS based device.
I couldn't find online how to check that a device is jailbroken. Please anyhelp ...

In an iPhone app that utilizes plain text (unencrypted) XML as the contents of its http POST requests over https to the app server; how would someone be able to discover the "format" of the plain text ...

All iOS devices from the iPhone 3GS have a hardware encryption chip, right?
When you erase an iOS device with the "Erase All Content and Settings" menu item or via Remote Wipe the encryption keys are ...

Apparently, iOS 6 introduced IDFA, "identifier for advertisers", which identifies your device so that advertisers can track you and send you ads. It appears they also introduced IDFV, "identifier for ...